Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st June 2006, 06:12
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 0 Times in 0 Posts
Default RBL - spam blacklists howto

can someone point me in the direction on how i setup my postfix system with maildir too support the RBL anti-spam blacklist system

thanks,
Reply With Quote
Sponsored Links
  #2  
Old 21st June 2006, 09:26
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
Default

That is quite simple. You need them to add to the "smtpd_recipient_restrictions" in your main.cf file.

All of mien looks like that:

Code:
smtpd_recipient_restrictions =
        reject_invalid_hostname,
        permit_sasl_authenticated,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        permit_mynetworks,
#       permit_sasl_authenticated,
        reject_unauth_destination,
        check_recipient_access hash:/etc/postfix/recipient_checks,
        check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
        check_helo_access hash:/etc/postfix/helo_checks,
        check_sender_access hash:/etc/postfix/sender_checks,
        check_client_access hash:/etc/postfix/client_checks,
        check_client_access pcre:/etc/postfix/client_checks.pcre,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client opm.blitzed.org,
        reject_rbl_client list.dsbl.org,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client dul.dnsbl.sorbs.net,
        reject_rhsbl_client blackhole.securitysage.com,
        reject_rhsbl_sender blackhole.securitysage.com,
        reject_rbl_client relays.ordb.org,
        reject_rbl_client blackholes.easynet.nl,
        reject_rbl_client cbl.abuseat.org,
        reject_rbl_client proxies.blackholes.wirehub.net,
        reject_rbl_client bl.spamcop.net,
        reject_rbl_client dnsbl.njabl.org,
        permit
As you can see in the first part I do some other checks and the RBLs start with that here:
Quote:
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rbl_client relays.ordb.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client proxies.blackholes.wirehub.net,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.njabl.org,
Just add those rbls that you want to use

After you have altered the main.cf restart postfix ^^

Last edited by sjau; 22nd June 2006 at 18:20.
Reply With Quote
  #3  
Old 22nd June 2006, 00:25
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 0 Times in 0 Posts
Default

thanks!

ive added the full string too main.cf and restarted postfix with no issues

ive installed rblcheck and rbldnsd using apt-get install - is this all i need too do for RBL blacklists too be added to my server?

thanks!!!
Reply With Quote
  #4  
Old 22nd June 2006, 15:41
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,740 Times in 2,575 Posts
Default

Quote:
Originally Posted by alexnz
ive installed rblcheck and rbldnsd using apt-get install - is this all i need too do for RBL blacklists too be added to my server?
You don't need this. Just configure Postfix as outlined above.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 23rd June 2006, 01:20
alexnz alexnz is offline
Member
 
Join Date: Jun 2006
Posts: 66
Thanks: 3
Thanked 0 Times in 0 Posts
Default

thanks for that falko!
Reply With Quote
  #6  
Old 17th August 2006, 20:29
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi Falko,

Quote:
Originally Posted by falko
You don't need this. Just configure Postfix as outlined above.
I have a SuSE 10.1 64bit system.
In this case is this also the only thing necessary to put RBL's to work.

My problem is that I have setup this in main.cf but in my postfix directory I still keep getting an enormous amount of trash mail going to :

/var/spool/postfix/ ...

either the emails are
/deferred
/defer
/bounced (a bit less) or

/active
and
/incomming

At this point I have no user in the system! So I should get 0 emails. This is clearly spam .

Regards,
Pedro

Last edited by keybd_user; 17th August 2006 at 20:41.
Reply With Quote
  #7  
Old 17th August 2006, 21:09
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
Default

if you want to use some more checks you could also add this:

Code:
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.
Reply With Quote
  #8  
Old 17th August 2006, 21:49
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi,



Quote:
Originally Posted by sjau
if you want to use some more checks you could also add this:

Code:
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.
Thanks,

I did already looked at the mail logs.
and making :
prompt:/ less mail.log | grep blackhole.securitysage.com ... and the others rbnl's

does not return nothing ?!!?

Where can I see if the black lists servers are working?

regards,
Pedro
Reply With Quote
  #9  
Old 17th August 2006, 22:13
keybd_user keybd_user is offline
Member
 
Join Date: Apr 2006
Location: Coimbra, Portugal
Posts: 39
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hi,

Sorry once again.
The RBL's are working!
Just found several:
bl.spamcop.net blocks for certain ip's!
Funny but on 170MB of log no other RBL is invoked
Is it necessary any type of registration for the others ?
They seem free in a first glimpse. ...

Well it escaped me.

Quote:
Originally Posted by sjau
if you want to use some more checks you could also add this:

Code:
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
Those are just standards checks on whether the email "appears" to be from a legit site.
In order to see whether you rbls work you can look at your mail.log and see if any of the lists rbls will appear in there.
Your line are allready in your first post. The forced identification of hostname, sender and recipient, (fqdn).

Even like this the problem maintains.
In the mail logs I see a lot of emails sent!
That means postfix is still making relay for some of those emails!
In my server this at this current rate it will be 1,5GB in the end of the month!

Regards,
Pedro
Reply With Quote
  #10  
Old 17th August 2006, 22:15
sjau sjau is offline
Local Meanie
 
Join Date: Apr 2006
Location: Switzerland
Posts: 1,146
Thanks: 4
Thanked 55 Times in 51 Posts
 
Default

Do you haven an open relay server?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Slicker spam handling with Maildirs IntnsRed Feature Requests 9 30th March 2008 06:02
How to kill spam when spamassassin marks it spam kpimichael Suggest HOWTO 15 6th August 2007 16:44
Filtering SPAM MvincM Installation/Configuration 28 3rd October 2006 17:33
Howto let procmail move spam to folder? oversight HOWTO-Related Questions 9 1st May 2006 15:39
Samba as a PDC HOWTO help jesterking HOWTO-Related Questions 2 23rd February 2006 19:45


All times are GMT +2. The time now is 16:20.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.